Okay, I'm not super familiar with MacOS or their sandboxing, so I stand to be corrected here! But I'm going through the certification process, and an issue got flagged that I need to be using security-scoped bookmarks for the data directory my app writes to.
What's missing
- JVM target stores raw path bytes: I think this is incorrect. This should be the bytes of the bookmark, not the path. So this is probably broken at the moment.
- Apple-native target passes options = 0u: so native iOS/macOS sandboxed apps wouldn't actually restore access across launches
What I think a fix might look like
- JVM target on macOS: bridge to the real NSURL bookmark APIs via JNI/JNA (Objective-C runtime or a small bundled dylib). When
os.name indicates macOS, use security-scoped bookmarks; on Linux/Windows JVM, keep the current path-bytes behavior.
- Apple-native target: pass
NSURLBookmarkCreationWithSecurityScope on create and NSURLBookmarkResolutionWithSecurityScope on resolve. Track whether the resolved URL is stale (bookmarkDataIsStale) and surface it so callers can refresh.
- Access lifecycle: make
startAccessingSecurityScopedResource() / stopAccessingSecurityScopedResource() real for the sandboxed case on both targets
- Docs: maybe call out the required entitlements?
com.apple.security.app-sandboxcom.apple.security.files.user-selected.read-write (initial pick)com.apple.security.files.bookmarks.app-scope (persistence across launches)
Okay, I'm not super familiar with MacOS or their sandboxing, so I stand to be corrected here! But I'm going through the certification process, and an issue got flagged that I need to be using security-scoped bookmarks for the data directory my app writes to.
What's missing
What I think a fix might look like
os.nameindicates macOS, use security-scoped bookmarks; on Linux/Windows JVM, keep the current path-bytes behavior.NSURLBookmarkCreationWithSecurityScopeon create andNSURLBookmarkResolutionWithSecurityScopeon resolve. Track whether the resolved URL is stale (bookmarkDataIsStale) and surface it so callers can refresh.startAccessingSecurityScopedResource()/stopAccessingSecurityScopedResource()real for the sandboxed case on both targetscom.apple.security.app-sandboxcom.apple.security.files.user-selected.read-write(initial pick)com.apple.security.files.bookmarks.app-scope(persistence across launches)